Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Pacific Gas & Electric Company notified the California Public Utilities Commission and several cities July 9 about flaws in the training and qualifications of about 1,400 employees who fuse plastic pipes used to deliver natural gas. – Oakland Tribune

3.July 10, Oakland Tribune – (California) PG&E discovers training flaws for pipeline workers. Pacific Gas and Electric Company notified the California Public Utilities Commission along with several cities it serves July 9 about flaws in the training and qualifications of about 1,400 employees who fuse plastic together pipes used to deliver natural gas to customers. The utility halted heat fusion work until employees complete the requalification session and assured regulators that the natural gas system is still safe. Source: http://www.mercurynews.com/business/ci_26118797/pg-e-discovers-flaws-training-natural-gas-pipe

• Honda announced July 8 that it is expanding a recall of several model year 2001-2011 Honda and Acura vehicles equipped with airbag inflators manufactured by Takata to include around 1 million additional vehicles in California. – New York Times

7.July 8, New York Times – (California) Honda expands Takata air bag inflator recall. Honda announced July 8 that it is expanding a recall of several model year 2001-2011 Honda and Acura vehicles equipped with airbag inflators manufactured by Takata to include around 1 million additional vehicles in California. The defective inflators could explode in a crash and create shrapnel and have already been recalled in several other States with high humidity that could make the problem more likely to occur. Source: http://www.nytimes.com/2014/07/09/automobiles/honda-expands-takata-air-bag-inflator-recall.html

• A 6,171-acre wildfire burning in Chelan County prompted the reinstatement of mandatory evacuations for residents July 10 and the closure of a 30-mile stretch of U.S. Highway 97a. – Associated Press

• HAZMAT teams responded to the YMCA Camp Letts in Edgewater, Maryland, July 9 after 35 patrons were hospitalized due to a chemical leak at a swimming pool. – EyeOnAnnapolis.net

34.July 9, EyeOnAnnapolis.net – (Maryland) 35 treated for chemical exposure at Camp Letts in Edgewater. HAZMAT teams responded to the YMCA Camp Letts in Edgewater July 9 due to a chemical leak caused by an apparent mechanical malfunction that caused an excessive amount of sodium hypochlorite or muriatic acid to enter the swimming pool on the property. Staff evacuated the pool and decontaminated patrons in the showers before responders transported 4 adults and 31 children to area hospitals. Source: http://www.eyeonannapolis.net/2014/07/09/35-treated-for-chemical-exposure-at-camp-letts-in-edgewater/

Financial Services Sector

9.July 10, WLKY 32 Louisville – (Kentucky) 19 people indicted in insurance fraud scheme. Nineteen people in Jefferson County, Kentucky, were indicted after a nearly 3 year investigation by the Kentucky Department of Insurance Fraud for allegedly running an accident-staging and insurance fraud ring that fraudulently obtained hundreds of thousands of dollars. Source: http://www.wlky.com/news/investigators-arrest-19-people-in-insurance-fraud-scheme/26870732

For another story, see item 26 below in theInformation Technology Sector

Information Technology Sector

26.July 10, Securityweek – (International) CryptoLocker infrastructure used for other threats: Bitdefender. Researchers with Bitdefender found that the infrastructure for the CryptoLocker ransomware remains active even though a takedown operation in June disrupted the ransomware operation. The infrastructure is currently being used for various fraudulent and malicious purposes including fake antivirus scams and the distribution of the Citadel banking trojan. Source: http://www.securityweek.com/cryptolocker-infrastructure-used-other-threats-bitdefender

28.July 10, The Register – (International) Crusty API opened Facebook accounts to hijacking. A security researcher revealed that a legacy API in Facebook allowed attackers to make REST API calls on behalf of Facebook users if their user ID was known, allowing attackers to update statuses, like content, and upload or delete photos. The flaw was reported to Facebook in April and fixed by Facebook, earning the researcher $20,000 through Facebook’s bug bounty program. Source: http://www.theregister.co.uk/2014/07/10/crusty_api_opened_facebook_accounts_to_hijacking/

29.July 10, Help Net Security – (International) Nearly 70% of critical infrastructure providers suffered a breach. Unisys released the results of a survey of 599 security executives in the manufacturing, utility, and energy sectors and found that almost 70 percent of respondents reported at least one security breach that led to a disruption in operations or disclosure of confidential information within the last 12 months. The report also found that data breaches were most often attributed to negligent insiders, among other findings. Source: http://www.net-security.org/secworld.php?id=17100

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"